[zzsurfpop]

Dear folks,
In the past couple weeks I have been trying to clean up my home PC. I have updated my virus definitions and plan to upgrade to Norton 2005. I have run SpyBot and Ad-Aware SE. My OS is windows XP and I use IE for browser and OE for email. I really don't feel secure with all this winfirewall jazz just hanging around on my machine, besides, it's not right, and I bet alot of people are getting ripped off by these guys.
From what I understand there are far better browsers etc. and I'd be willin to take a look when i can kill this pop up nonsense. The main assailant is the winfirewall2004, antivirus and a couple others...all the same red/yellow/orange format, obviously the same Norton "Lookalike". I am new to your site and not sure how to do this, but I need your help recognizing and deleting the items which are bad for my system. I hope I did this right...cause I'm not real up on all this ...Can you help me get back on track? THANKS
.
.Logfile of HijackThis v1.98.2
Scan saved at 8:04:47 PM, on 10/30/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\wanmpsvc.exe
C:\WINNT\system32\SK9910DM.EXE
C:\WINNT\GWMDMMSG.exe
C:\WINNT\system32\PROMon.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\WINNT\System32\NMSSvc.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\WINNT\system32\ctfmon.exe
C:\WINNT\addins\pc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UFE7Q1QR\HijackThis[1].exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.net
O1 - Hosts: com
O1 - Hosts: com
O1 - Hosts: .com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CATLEvents Object - {870B70D4-F6DA-47AE-9158-D146440A0A4D} - C:\DOCUME~1\Owner\LOCALS~1\Temp\cp.dat
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [Hot Key Kbd 9910 Daemon] SK9910DM.EXE
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Keyboard Preload Check] C:\OEMDRVRS\KEYB\Preload.exe /DEVID: /CLASS:Keyboard /RunValue:"Keyboard Preload Check"
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINNT\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [*dllreg] C:\WINNT\Fonts\dllreg.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [*catwin] C:\WINNT\ServicePackFiles\catwin.exe
O4 - HKLM\..\Run: [*smsvc] C:\WINNT\java\classes\smsvc.exe
O4 - HKLM\..\RunOnce: [*smsvc] C:\WINNT\java\classes\smsvc.exe rerun
O4 - HKLM\..\RunOnce: [*pc] C:\WINNT\addins\pc.exe rerun
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [*MS Setup] C:\WINNT\system32\bkinst.exe ren time:1099114242
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcaf...ed/MGBrwFld.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gatew...r/PCPitStop.CAB
O16 - DPF: {0F04992B-E661-4DB9-B223-903AB628225D} (DoMoreRunExe.DoMoreRun) - file://C:\Program Files\Gateway\Do More\DoMoreRunExe.CAB
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weat...Transporter.cab?
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.co...55/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150...tzip/RdxIE6.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
O16 - DPF: {99CDFD87-F97A-42E1-9C13-D18220D90AD1} (StartFirstControl.CheckFirst) - hcp://system/StartFirstControl.CAB
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gatew...rvest/gwCID.CAB
O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weat...?rand=200321021
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...ta/SymAData.cab
O16 - DPF: {CE37E095-ACFF-4380-A856-A560D389E5E1} (XPLControlProject.XPLControl) - hcp://system/XPLControl.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/p...t/msnchat45.cab
. Thanks zsurfpop

[Advertisements]

The best way to clean any computer is to do a "Fresh" install of the operation system. By this I mean that eventhing on the harddrive will be deleted, so if you decide to go this route I would copy all files that you need on to another computer or burn them to a CD. Also remeber your favorites for the Internet, as some people forget to do that. I would write down all of your settings for your computer, like Internet settings. I would also download all the lastest drivers for all of your hardware and burn them to a CD before you do a "Fresh" install b/c it is a lot easier to have all of them on a CD then it is to go find them on the net afterwards. I use PartitionMagic 8.0 for deleting of the partions b/c it has a option that you can Secure Delete, that means that it is going to write and erase to the hard drive to make sure that the data cant be recovered after it is done. If you dont have PartitionMagic then just download Kill Disk.

Next even if you dont plan on doing a "Fresh" install dont upgrade to Norton 2005. I would go to AVG Anti-Virus Free and download the Free Edition by click the link Get AVG FREE. It is just as good or better and the best part is that it is FREE!!

On the browser, I fine with using Internet Explorer, but if you want a new one then I would recommend download Slim Brower, I think it is the best Alt. browser there is. It uses the IE plugins so you dont have to go get the add-ins for FireFox and other browers. It has a built-in pop-up blocker and it is also does Tab paging.

I hope that this helps you, and if you plan on doing a fresh install let me know.

[DHooper]

The best way to clean any computer is to do a "Fresh" install of the operation system. By this I mean that eventhing on the harddrive will be deleted, so if you decide to go this route I would copy all files that you need on to another computer or burn them to a CD. Also remeber your favorites for the Internet, as some people forget to do that. I would write down all of your settings for your computer, like Internet settings. I would also download all the lastest drivers for all of your hardware and burn them to a CD before you do a "Fresh" install b/c it is a lot easier to have all of them on a CD then it is to go find them on the net afterwards. I use PartitionMagic 8.0 for deleting of the partions b/c it has a option that you can Secure Delete, that means that it is going to write and erase to the hard drive to make sure that the data cant be recovered after it is done. If you dont have PartitionMagic then just download Kill Disk.

Next even if you dont plan on doing a "Fresh" install dont upgrade to Norton 2005. I would go to AVG Anti-Virus Free and download the Free Edition by click the link Get AVG FREE. It is just as good or better and the best part is that it is FREE!!

On the browser, I fine with using Internet Explorer, but if you want a new one then I would recommend download Slim Brower, I think it is the best Alt. browser there is. It uses the IE plugins so you dont have to go get the add-ins for FireFox and other browers. It has a built-in pop-up blocker and it is also does Tab paging.

I hope that this helps you, and if you plan on doing a fresh install let me know.

[zzsurfpop]

The best way to clean any computer is to do a "Fresh" install of the operation system.  By this I mean that eventhing on the harddrive will be deleted, so if you decide to go this route I would copy all files that you need on to another computer or burn them to a CD. Also remeber your favorites for the Internet, as some people forget to do that. I would  write down all of your settings for your computer, like Internet settings.  I would also download all the lastest drivers for all of your hardware and burn them to a CD before you do a "Fresh" install b/c it is a lot easier to have all of them on a CD then it is to go find them on the net afterwards.  I use PartitionMagic 8.0 for deleting of the partions b/c it has a option that you can Secure Delete, that means that it is going to write and erase to the hard drive to make sure that the data cant be recovered after it is done.  If you dont have PartitionMagic then just download Kill Disk.

Next even if you dont plan on doing a "Fresh" install dont upgrade to Norton 2005.  I would go to AVG Anti-Virus Free and download the Free Edition by click the link Get AVG FREE.  It is just as good or better and the best part is that it is FREE!! 

On the browser, I fine with using Internet Explorer, but if you want a new one then I would recommend download Slim Brower, I think it is the best Alt. browser there is.  It uses the IE plugins so you dont have to go get the add-ins for FireFox and other browers.  It has a built-in pop-up blocker and it is also does Tab paging.

I hope that this helps you, and if you plan on doing a fresh install let me know.

[zzsurfpop]

The best way to clean any computer is to do a "Fresh" install of the operation system.  By this I mean that eventhing on the harddrive will be deleted, so if you decide to go this route I would copy all files that you need on to another computer or burn them to a CD. Also remeber your favorites for the Internet, as some people forget to do that. I would  write down all of your settings for your computer, like Internet settings.  I would also download all the lastest drivers for all of your hardware and burn them to a CD before you do a "Fresh" install b/c it is a lot easier to have all of them on a CD then it is to go find them on the net afterwards.  I use PartitionMagic 8.0 for deleting of the partions b/c it has a option that you can Secure Delete, that means that it is going to write and erase to the hard drive to make sure that the data cant be recovered after it is done.  If you dont have PartitionMagic then just download Kill Disk.

Next even if you dont plan on doing a "Fresh" install dont upgrade to Norton 2005.  I would go to AVG Anti-Virus Free and download the Free Edition by click the link Get AVG FREE.  It is just as good or better and the best part is that it is FREE!! 

On the browser, I fine with using Internet Explorer, but if you want a new one then I would recommend download Slim Brower, I think it is the best Alt. browser there is.  It uses the IE plugins so you dont have to go get the add-ins for FireFox and other browers.  It has a built-in pop-up blocker and it is also does Tab paging.

I hope that this helps you, and if you plan on doing a fresh install let me know.

[zzsurfpop]

The best way to clean any computer is to do a "Fresh" install of the operation system.  By this I mean that eventhing on the harddrive will be deleted, so if you decide to go this route I would copy all files that you need on to another computer or burn them to a CD. Also remeber your favorites for the Internet, as some people forget to do that. I would  write down all of your settings for your computer, like Internet settings.  I would also download all the lastest drivers for all of your hardware and burn them to a CD before you do a "Fresh" install b/c it is a lot easier to have all of them on a CD then it is to go find them on the net afterwards.  I use PartitionMagic 8.0 for deleting of the partions b/c it has a option that you can Secure Delete, that means that it is going to write and erase to the hard drive to make sure that the data cant be recovered after it is done.  If you dont have PartitionMagic then just download Kill Disk.

Next even if you dont plan on doing a "Fresh" install dont upgrade to Norton 2005.  I would go to AVG Anti-Virus Free and download the Free Edition by click the link Get AVG FREE.  It is just as good or better and the best part is that it is FREE!! 

On the browser, I fine with using Internet Explorer, but if you want a new one then I would recommend download Slim Brower, I think it is the best Alt. browser there is.  It uses the IE plugins so you dont have to go get the add-ins for FireFox and other browers.  It has a built-in pop-up blocker and it is also does Tab paging.

I hope that this helps you, and if you plan on doing a fresh install let me know.